urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
20.190.159.23  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://prosegur-dwp.onbmc.com/dwp/app/#/activity
Effective URL: https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcC...
Submission: On December 13 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 20.190.159.23, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 24.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 1st 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 185.136.188.210 203366 (BMCSAAS-AMS)
2 20.190.159.23 8075 (MICROSOFT...)
7 2620:1ec:46::45 8068 (MICROSOFT...)
1 40.126.32.138 8075 (MICROSOFT...)
2 152.199.23.72 15133 (EDGECAST)
14 5
3    185.136.188.210 (Ireland)

ASN203366 (BMCSAAS-AMS, IE)
prosegur-dwp.onbmc.com
ams-rsso2.onbmc.com
2    20.190.159.23 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
7    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msauth.net
1    40.126.32.138 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
2    152.199.23.72 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msauthimages.net
Apex Domain
Subdomains		 Transfer
7 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1197
214 KB
3 onbmc.com
prosegur-dwp.onbmc.com — Cisco Umbrella Rank: 576535
ams-rsso2.onbmc.com
4 KB
2 msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 3536
288 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 24
107 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 85
14 5
Domain Requested by
7 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
2 aadcdn.msauthimages.net
2 login.microsoftonline.com login.microsoftonline.com
2 ams-rsso2.onbmc.com 1 redirects
1 login.live.com login.microsoftonline.com
1 prosegur-dwp.onbmc.com
14 6

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.onbmc.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-04 -
2023-05-04		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2022-12-01 -
2023-12-01		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2022-08-23 -
2023-08-23		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2022-10-03 -
2023-10-03		 a year crt.sh
aadcdn.msauthimages.net
Microsoft Azure TLS Issuing CA 02		 2022-05-11 -
2023-05-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b&sso_reload=true
Frame ID: DDBA1125E2E9A650D868E71DA76AC2D4
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

  1. https://prosegur-dwp.onbmc.com/dwp/app/ Page URL
  2. https://ams-rsso2.onbmc.com/rsso/start Page URL
  3. https://ams-rsso2.onbmc.com/rsso/start HTTP 302
    https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94Es... Page URL
  4. https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94Es... Page URL

Page Statistics

14
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

611 kB
Transfer

1300 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://prosegur-dwp.onbmc.com/dwp/app/ Page URL
  2. https://ams-rsso2.onbmc.com/rsso/start Page URL
  3. https://ams-rsso2.onbmc.com/rsso/start HTTP 302
    https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b Page URL
  4. https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://ams-rsso2.onbmc.com/rsso/start HTTP 302
  • https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
prosegur-dwp.onbmc.com/dwp/app/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prosegur-dwp.onbmc.com/dwp/app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.136.188.210 , Ireland, ASN203366 (BMCSAAS-AMS, IE),
Reverse DNS
Software
/
Resource Hash
6c41a705f44afef5c8f2b7e8dee7014633ea1525ab5113762f35bc662954188d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Tue, 13 Dec 2022 17:59:33 GMT
Expires
Tue, 13 Dec 2022 17:59:33 GMT
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
start
ams-rsso2.onbmc.com/rsso/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ams-rsso2.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.136.188.210 , Ireland, ASN203366 (BMCSAAS-AMS, IE),
Reverse DNS
Software
/
Resource Hash
1297843a7309df72d04808829e8e3e6b3eb2a83256b7b62492c29a0ac88f77c8
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-VT6FzuxjJuU4A9abOiNOHg=='; object-src 'none'; worker-src 'self' blob:; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://prosegur-dwp.onbmc.com
Referer
https://prosegur-dwp.onbmc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-VT6FzuxjJuU4A9abOiNOHg=='; object-src 'none'; worker-src 'self' blob:; frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Tue, 13 Dec 2022 17:59:33 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
saml2
login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/
Redirect Chain
  • https://ams-rsso2.onbmc.com/rsso/start
  • https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszEln...
152 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.23 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
219e1ad57105c3dae525295a0fb73aa1ba46530c6fd1a707979b205e91d2b853
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ams-rsso2.onbmc.com
Referer
https://ams-rsso2.onbmc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55474
Content-Type
text/html; charset=utf-8
Date
Tue, 13 Dec 2022 17:59:32 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.14357.7 - WEULR1 ProdSlices
x-ms-request-id
cc3204ff-198f-4142-85e1-ffd311245b00

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; worker-src 'self' blob:; frame-ancestors 'self'
Date
Tue, 13 Dec 2022 17:59:33 GMT
Location
https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Primary Request saml2
login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/ 		199 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.23 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
00214f8b92ff40d3764abdd4bd9fad859189ffba41a07d10094d594336c838ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
50854
Content-Type
text/html; charset=utf-8
Date
Tue, 13 Dec 2022 17:59:32 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.14357.7 - NEULR2 ProdSlices
x-ms-request-id
c98b74b0-ca8d-4b90-93db-27cd5eb65e00
ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		391 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6dc9810fa0a9551a31d7a5ad428952b917c211475113620a461cdb5efb2d5993

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Dec 2022 17:59:33 GMT
content-encoding
gzip
x-azure-ref-originshield
0IFWXYwAAAACdxrgOe6mbRbg/5j5+v6ItRlJBMjMxMDUwNDE3MDQ3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
zcwWfFMjU4sF0R3R+wJipw==
x-cache
TCP_HIT
content-length
112662
x-ms-lease-status
unlocked
last-modified
Thu, 17 Nov 2022 22:31:46 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC8EB82F7AC92
x-azure-ref
0hb2YYwAAAAAsVuTzgha4R7OWtPSaSs1+RlJBMzFFREdFMDMyMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
90e874c6-901e-002e-04e3-0c045d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.138 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Dec 2022 17:59:33 GMT
content-encoding
gzip
x-azure-ref-originshield
0WHqXYwAAAAAbT4VePZvGQIIYTEmuzluhRlJBMjMxMDUwNDE4MDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
9K2/nGCj75WAmmAI9nZNCA==
x-cache
TCP_HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7650B37ACC3D
x-azure-ref
0hb2YYwAAAACbw5ktSoa9Q7Dmo7Spr06YRlJBMzFFREdFMDMxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ff951124-301e-0008-0ed8-0c6f62000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-de.min_jsryyy-ccnmmqx0k_uzbkw2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_jsryyy-ccnmmqx0k_uzbkw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Dec 2022 17:59:33 GMT
content-encoding
gzip
x-azure-ref-originshield
0G1iXYwAAAAAhdqHeen2hRZr2jB3UJ62NRlJBMjMxMDUwNDE3MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
cijw/4ed1uLZXSj7Q1LY9Q==
x-cache
TCP_HIT
content-length
15177
x-ms-lease-status
unlocked
last-modified
Wed, 16 Nov 2022 00:33:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC76A3E1EAA0C
x-azure-ref
0hb2YYwAAAAAsQTIgHKpyS5hzmCUENiGPRlJBMzFFREdFMDMxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
880f8994-601e-0039-27aa-0d6571000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4393c9a3f71c27bbf7fd0275513d128f1effdf2a88dbb4bf27c710daa30165ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Dec 2022 17:59:33 GMT
content-encoding
gzip
x-azure-ref-originshield
0dp6XYwAAAAD4Q0VRse4iR7oeDy1FzSPqRlJBMjMxMDUwNDE4MDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
W8lUw496uzczhL0u7372yg==
x-cache
TCP_HIT
content-length
32191
x-ms-lease-status
unlocked
last-modified
Tue, 15 Nov 2022 20:12:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC745B324D8CE
x-azure-ref
0hb2YYwAAAAAf5boEIMQ7T5en/lWQ0EOYRlJBMzFFREdFMDMxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b2f61607-101e-0062-66cf-0c2355000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
illustration
aadcdn.msauthimages.net/c1c6b6c8-vy5uwfnourv0q-ngsksvdcvbfjlqrwhqld-uw6ynozs/logintenantbranding/0/ 		284 KB
284 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauthimages.net/c1c6b6c8-vy5uwfnourv0q-ngsksvdcvbfjlqrwhqld-uw6ynozs/logintenantbranding/0/illustration?ts=637460430644430524
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.72 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CAE) /
Resource Hash
1a2d70a86d73f03a67ceae188e7712dc9bcbbbffb5667f72fc55de1866ad985e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Dec 2022 17:59:33 GMT
last-modified
Tue, 12 Jan 2021 10:11:04 GMT
server
ECAcc (frc/4CAE)
content-md5
G3eU114jklFpcOK/Kp9g6g==
age
18163
etag
0x8D8B6E25F27D01E
x-cache
HIT
content-type
image/*
x-ms-request-id
920e91fa-001e-0062-43f2-0e6bea000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
290614
bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-vy5uwfnourv0q-ngsksvdcvbfjlqrwhqld-uw6ynozs/logintenantbranding/0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauthimages.net/c1c6b6c8-vy5uwfnourv0q-ngsksvdcvbfjlqrwhqld-uw6ynozs/logintenantbranding/0/bannerlogo?ts=637364420589574231
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.72 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE9) /
Resource Hash
d21ccc9541dd1d1355a5d90d72ff208e1de1c8251f835d38437bd2350a85dc49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Dec 2022 17:59:33 GMT
last-modified
Wed, 23 Sep 2020 07:14:19 GMT
server
ECAcc (frc/4CE9)
content-md5
bVvqLettGYGForWWE+2NYg==
age
12884
etag
0x8D85F9049D70656
x-cache
HIT
content-type
image/*
x-ms-request-id
b70c1992-401e-0008-15fe-0e3741000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
3600
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		2 KB
965 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Dec 2022 17:59:33 GMT
content-encoding
gzip
x-azure-ref-originshield
0GKyYYwAAAABEM9ftdmnuTYokR4jplmU2RlJBMjMxMDUwNDE3MDQ1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
R2FAVxfpONfnQAuxVxXbHg==
x-cache
TCP_HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8852A7FA6B761
x-azure-ref
0hr2YYwAAAACNv4qh171qQKqhkVnzECpKRlJBMzFFREdFMDMxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
77add1aa-a01e-005d-37c0-0e8b5b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		108 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9537f00ca371747a97a2acca388f7b2379a7fa7c59bde18c3d2621c0de8de492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Dec 2022 17:59:38 GMT
content-encoding
gzip
x-azure-ref-originshield
0WHqXYwAAAAAbT4VePZvGQIIYTEmuzluhRlJBMjMxMDUwNDE4MDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
9K2/nGCj75WAmmAI9nZNCA==
x-cache
TCP_HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7650B37ACC3D
x-azure-ref
0ir2YYwAAAABsgZrBERopQ7hN1SU2JAyGRlJBMzFFREdFMDMyMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ff951124-301e-0008-0ed8-0c6f62000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-de.min_jsryyy-ccnmmqx0k_uzbkw2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		52 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_jsryyy-ccnmmqx0k_uzbkw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/68485601-fbbc-47c6-b156-3e1a7e0a4434/saml2?SAMLRequest=nVRLj9owEL7vr4h8d94EsACJglaLtG0joD30snKcCWspsVOPs0v%2FfZ0UtKxEORDlkNijb77H2DPkTd2yZWdf1RZ%2Bd4DWOza1QjZszElnFNMcJTLFG0BmBdstvz6z2A9Za7TVQtfE26zn5KXklRCQCVpEVUbTsEgpjyNOizLJpuG0KsqsIN5PMCi1mhOHQB68K88GsYONQsuVdWVhHNPIvck%2BGrPRlCWJH03Gv4i3dmSl4nZAe7W2RRYEtT5I5TdSGI26slrVUoEvdBNkk3QyysKIVkUhaDoWmSM6ymgCER9DyNM0SYNedUy8R20EDKbMScVrBCcRc44o3%2BC8cpV7frLki1SlVIfb%2FhX%2FipA97fc5zb%2Fv9tdBl4hgepkrrbBrwOzAvEkBP7bPH8J5g9Qg6tjXqmjEILn%2FDwwIcLRN4OJCOHSGuo%2BSLIZWs14wGxw3F8Hf5s3PfMgC25ce7TP2LLhAvejTsm8Oa7POdS3Fn3vmzOXScPv%2F6siPhhVZ0mooZZ3CFoSsJJTEW9a1fl8Z4NalaE0HJPhE73QCoByid25bON51Hla6abmR2E8mHLmwJ7s%2FLL%2FssKqdo1uo7gngZplgood2y%2F3svmtT9vMJwincG%2B6c0caewrrG5%2BRNcMOcxcN5%2B%2FIKWfwF&RelayState=_dafcce6c-b1f6-40b4-a21a-bd36909fbd6b&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a1182c6bc0c6af2d7624124dd9e38991f91568f0965ddee945e4ed793ee99718

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Dec 2022 17:59:38 GMT
content-encoding
gzip
x-azure-ref-originshield
0G1iXYwAAAAAhdqHeen2hRZr2jB3UJ62NRlJBMjMxMDUwNDE3MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
cijw/4ed1uLZXSj7Q1LY9Q==
x-cache
TCP_HIT
content-length
15177
x-ms-lease-status
unlocked
last-modified
Wed, 16 Nov 2022 00:33:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC76A3E1EAA0C
x-azure-ref
0ir2YYwAAAAAFhbqK9H5PQLz24Yl9ESUkRlJBMzFFREdFMDMyMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
880f8994-601e-0039-27aa-0d6571000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_442ad4dbc9101c033d33

15 Cookies

Domain/Path Name / Value
ams-rsso2.onbmc.com/rsso Name: route
Value: 1670954374.162.16400.725380
prosegur-dwp.onbmc.com/dwp Name: JSESSIONID
Value: B122D7F3A08C14770D6EF85714C5693D
prosegur-dwp.onbmc.com/ Name: route
Value: 1670954374.015.126239.750386
prosegur-dwp.onbmc.com/ Name: onbmc_pool
Value: !yaUlnNKTYUNRZWw/3LKy6c21Ta1VNA+qBNd8XlrI7DarCmLCcfWLG8c3Lj77Dk2ASWsfCjF4uRbAHWo=
ams-rsso2.onbmc.com/ Name: onbmc_pool
Value: !X2bGUP4/6JHT0kw/3LKy6c21Ta1VNB1ZzCRLexp5EQiNkkxGtIHBWjoEXKLMGS2aqlYCUQLqLuB/lA==
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AUgAAVZIaLz7xkexVj4afgpENNsHt90r8bVDq1esmzzpPvNIAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrXGf3MIe1dTGr2_gipC-xERliOmiGDVWRSueaBj22QTGQbf6s3lF0-gUe8xx3o0snpnCEXbXYnaHK-7hvz-w1guWu-OZPgH_Jxf39e3OyOhIgAA
login.microsoftonline.com/ Name: fpc
Value: Agk1-lBWI8JPgQAHaoo_kojP0sauAQAAAIW0KtsOAAAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr1jnTGTfEijaysq1XQ5Vi6y4PJ2_lRkCKAgy0pMapfZKVDLiIbSNivrNdxW-5crbUSw5IaN3TQW_0736IAEsYlYaIGcXdAbFu8BahbfyBl4sGqxu7J0YeJXak0LoLT9Dc0LL5xI8Aty-1eMAR0mqypFbvSGJSuS0FnWUfPmkj3mogAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: fa1dfa8fde4b495c89beecca975bdb13
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1670954373&co=1

1 Console Messages

Source Level URL
Text
network error URL: https://prosegur-dwp.onbmc.com/dwp/app/#/activity
Message:
Failed to load resource: the server responded with a status of 401 ()